refactor(signing): support non-index zero input signing #4646

kyranjamie · 2023-12-05T14:38:29Z

Try out this version of Leather — download extension builds.

Leather currently operates in a mode where addresses are reused. Users only have a single native segwit/taproot address per account. For a short while we were generating new addresses, per bitcoin privacy best practice, and built the signing logic it in a way to support this in future.

In refactoring the signing to work with Ledger via a unified API, I assumed the zero address index which broke this. This PR aims to fix this problem, by introducing a signing configuration, consisting of a derivation path and an input index. When creating the inscription transfer, we create this accompanying config, BitcoinSigningConfig[]. From this, we can then tell the signing function with which address index we need to sign the tx.

In order to not have to make changes in parts of the code where we do know transactions only need to be signed with the 0th index, I've written a function to make the config that assumes this.

Open to other ideas how we can do this. It's a shame in a way to have to have this accompanying metadata, but I can't think of any way we could otherwise know how to sign the tx at a later point in the tx signing flow.

fbwoolf · 2023-12-06T01:10:36Z

Related to this issue? #4645

fbwoolf · 2023-12-07T01:45:22Z

@kyranjamie I tested your branch. I still get the error and see the wrong address in their app, maybe it is on their end so will comment on the issue.

src/app/common/hooks/analytics/use-analytics.ts

src/app/features/collectibles/components/bitcoin/ordinals.tsx

src/app/common/hooks/analytics/use-analytics.ts

src/app/features/collectibles/components/bitcoin/ordinals.tsx

src/app/pages/psbt-request/use-psbt-request.tsx

tests/mocks/constants.ts

pete-watters · 2023-12-07T14:09:59Z

tests/specs/rpc-sign-psbt/sign-psbt.spec.ts

 const signedOnlyIndexZeroPsbt =
  '70736274ff01007b02000000020c9199d8079e6fe8a6c78ac9c4e0311c97c9fcdc8b5586c56d191b6d98c0035e0000000000ffffffff087168f5b929b37a27704d338aa9d0d3508a819f879c244ba12128f04a5b37ef0000000000ffffffff01c800000000000000160014a8113965cee4d5ffa2d9996a204866a58200131d000000000001011f6400000000000000160014a8113965cee4d5ffa2d9996a204866a58200131d220203fe21e3444109e30ff7d19da0f530c344cad2e35fbee89afb2413858e4a9d7aa5483045022100ea4c2a68f1032102ad2c73504096f5dbd63d242ccce8000aa9db1a0ce4c4c59402204269fdd3536697329ed9bffcf67e3584d2d3426f84bb004fe467286abe7b02d8010001011f6400000000000000160014a8113965cee4d5ffa2d9996a204866a58200131d0000';

 test.describe('Sign PSBT', () => {
  test.beforeEach(async ({ extensionId, globalPage, onboardingPage, page }) => {
    await globalPage.setupAndUseApiCalls(extensionId);
    await onboardingPage.signInWithTestAccount(extensionId);
-    await page.goto('https://leather.io');
+    await page.goto('localhost:3000');


Just checking this is intentional?

Yep, cc @fbwoolf

We just need a page to trigger the request from, better the local app than leather.io

I took from other rpc signing tests, so best to change there too?

pete-watters

Code LGTM - didn't fully test the flow

src/shared/crypto/bitcoin/signer-config.spec.ts

fbwoolf

Nice refactor. 👍

kyranjamie · 2023-12-08T09:36:42Z

@314159265359879 any chance you can QA pre-merge?

…#4628

fbwoolf mentioned this pull request Dec 6, 2023

signPsbt stopped working for taproot leaf scripts #4645

Closed

kyranjamie force-pushed the refactor/non-zero-signing-config branch 3 times, most recently from ff69170 to aa34d14 Compare December 6, 2023 16:39

kyranjamie force-pushed the refactor/non-zero-signing-config branch 2 times, most recently from b318f68 to bf9c35f Compare December 7, 2023 12:31

kyranjamie requested review from fbwoolf, pete-watters and edgarkhanzadian December 7, 2023 12:42

kyranjamie marked this pull request as ready for review December 7, 2023 12:43

kyranjamie force-pushed the refactor/non-zero-signing-config branch from bf9c35f to fd5be9b Compare December 7, 2023 13:09